import { Controller, Get, Post, Body, Patch, Param, Delete, UseGuards } from '@nestjs/common';
import { PermissionsService } from './permissions.service';
import { CreatePermissionDto } from './dto/create-permission.dto';
import { UpdatePermissionDto } from './dto/update-permission.dto';
import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
import { PermissionsGuard } from '../common/guards/permissions.guard';
import { Permissions } from '../common/decorators/permissions.decorator';
import { ApiTags, ApiOperation, ApiResponse, ApiBearerAuth } from '@nestjs/swagger';

@ApiTags('权限管理')
@ApiBearerAuth()
@Controller('permissions')
@UseGuards(JwtAuthGuard, PermissionsGuard)
export class PermissionsController {
  constructor(private readonly permissionsService: PermissionsService) {}

  @Post()
  @Permissions('permission:create')
  @ApiOperation({ summary: '创建权限', description: '创建新权限，需要permission:create权限' })
  @ApiResponse({ status: 201, description: '权限创建成功' })
  create(@Body() createPermissionDto: CreatePermissionDto) {
    return this.permissionsService.create(createPermissionDto);
  }

  @Get()
  @Permissions('permission:read')
  @ApiOperation({ summary: '获取所有权限', description: '获取权限列表' })
  @ApiResponse({ status: 200, description: '返回权限列表' })
  findAll() {
    return this.permissionsService.findAll();
  }

  @Get(':id')
  @Permissions('permission:read')
  @ApiOperation({ summary: '获取单个权限', description: '根据ID获取权限详情' })
  @ApiResponse({ status: 200, description: '返回权限信息' })
  findOne(@Param('id') id: string) {
    return this.permissionsService.findOne(id);
  }

  @Patch(':id')
  @Permissions('permission:update')
  @ApiOperation({ summary: '更新权限', description: '更新权限信息' })
  @ApiResponse({ status: 200, description: '权限更新成功' })
  update(@Param('id') id: string, @Body() updatePermissionDto: UpdatePermissionDto) {
    return this.permissionsService.update(id, updatePermissionDto);
  }

  @Delete(':id')
  @Permissions('permission:delete')
  @ApiOperation({ summary: '删除权限', description: '根据ID删除权限' })
  @ApiResponse({ status: 200, description: '权限删除成功' })
  remove(@Param('id') id: string) {
    return this.permissionsService.remove(id);
  }
  
  @Post('batch-delete')
  @Permissions('permission:delete')
  @ApiOperation({ summary: '批量删除权限', description: '批量删除多个权限' })
  @ApiResponse({ status: 200, description: '权限批量删除成功' })
  removeMany(@Body('ids') ids: string[]) {
    return this.permissionsService.removeMany(ids);
  }
} 